Thread Info
  • State Suggested Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 1611 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

port forwarding 15000 to internal 15000

Berni Hansmann

Try to set up port forwarding. Made a DNAT rule with forwarding http (external port 80) to port 15000 on internal server. That works!

Then changed the rule to forward external port 15000 to internal port 15000. Doesn't work! 

Just changed the port. What is wrong?



This thread was automatically locked due to age.
  • 0

    Hello.  Can you give us screenshots of the DNAT rule and the service(s) in the rule?  When you enable logging on the DNAT rule, do you see the rule being hit in the firewall log?  I assume you have automatic firewall rule enabled on the DNAT?  

    Tim

  • 0

    Hallo Berni and welcome to the UTM Community!

    Also, you might want to check #3 and #5 in Rulz.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    This is either one of the ISP's blocking the higher range port or a configuration issue with the DNAT (specifically the service object source port). 

    Do you see the NAT rule being hit when you test with 15000? Turn on logging on the rule and check that. 

  • 0 in reply to MasterRoshi

    Yes, it is a common mistake when configuring custom service objects to put the source port the same as the destination port, whereas it should be set to "1:65535".  In most cases, excluding some protocols like SIP or IKE which use the same source & destination ports.  

    Tim

Unfiltered HTML